Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/8b856a-38ae-4cfb-81d2-271a9576eae7/1/8c-C1cKrS9vrEHHyduDpxBWUdn0.roa
File:                     8c-C1cKrS9vrEHHyduDpxBWUdn0.roa (raw, json)
Hash identifier:          FTOpIZK5tyefkmNU2LUaQ9tagbXfcmBK67esQmwstIE=
Subject key identifier:   F1:CF:82:D5:C2:AB:4B:DB:EB:10:71:F2:76:E0:E9:C4:15:94:76:7D
Certificate issuer:       /CN=2eeec5231d212b310579d78fc41479ca6ec2aa07
Certificate serial:       018CC3495F8BCD006A361969EA62160B6E8B
Authority key identifier: 2E:EE:C5:23:1D:21:2B:31:05:79:D7:8F:C4:14:79:CA:6E:C2:AA:07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Lu7FIx0hKzEFedePxBR5ym7Cqgc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/8b856a-38ae-4cfb-81d2-271a9576eae7/1/8c-C1cKrS9vrEHHyduDpxBWUdn0.roa
Signing time:             Mon 01 Jan 2024 04:30:14 +0000
ROA not before:           Mon 01 Jan 2024 04:30:14 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     58002
IP address blocks:        37.208.64.0/20 maxlen: 20
                          77.247.232.0/21 maxlen: 21
                          77.247.237.0/29 maxlen: 29
                          92.241.0.0/19 maxlen: 19
                          2a00:c9c0::/32 maxlen: 32

Validation:               Failed, certificate revoked on Wed 24 Jul 2024 09:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:49:5f:8b:cd:00:6a:36:19:69:ea:62:16:0b:6e:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2eeec5231d212b310579d78fc41479ca6ec2aa07
        Validity
            Not Before: Jan  1 04:30:14 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f1cf82d5c2ab4bdbeb1071f276e0e9c41594767d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:0f:fa:79:b6:cf:40:88:a7:26:52:d6:60:0a:
                    fb:9d:29:3f:bc:cb:e2:84:45:dc:6a:7c:8b:23:55:
                    2a:a5:bf:21:46:aa:d1:17:91:88:98:92:27:15:85:
                    08:f9:fc:d3:e0:d4:04:6e:3a:e8:9a:a0:01:38:5b:
                    2f:1d:7e:33:49:45:5f:71:d8:53:69:00:28:52:8a:
                    fb:a0:5f:2e:4e:81:df:f8:d1:d2:e1:46:04:94:8d:
                    e1:ba:34:db:98:68:25:eb:74:e5:c7:91:b5:d6:f8:
                    45:cd:9d:1b:65:aa:62:d2:61:c1:02:07:52:9d:2a:
                    e6:2f:da:c6:d7:3e:c3:e8:cc:08:a4:77:9a:ce:01:
                    ea:18:59:bf:f5:43:13:ca:e9:13:e5:c6:a8:10:d8:
                    ec:1c:d2:c4:ef:67:ff:0b:33:ec:ba:81:f9:f6:33:
                    c5:ed:3c:7e:d0:73:d8:1f:b0:e5:e3:a8:d4:3a:cd:
                    30:bf:da:b6:3f:2f:30:71:b8:7c:37:64:c3:00:cf:
                    c0:45:50:11:36:4e:aa:dc:a9:e8:c0:db:78:a9:fc:
                    a8:ea:36:d5:40:51:9a:04:73:6c:dc:39:67:24:9c:
                    80:1a:92:2b:5a:84:f2:47:03:7e:a0:25:be:cc:3d:
                    54:f5:ef:b3:3a:3a:b9:24:ef:4e:8d:b5:36:8f:73:
                    d6:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:CF:82:D5:C2:AB:4B:DB:EB:10:71:F2:76:E0:E9:C4:15:94:76:7D
            X509v3 Authority Key Identifier:
                keyid:2E:EE:C5:23:1D:21:2B:31:05:79:D7:8F:C4:14:79:CA:6E:C2:AA:07

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lu7FIx0hKzEFedePxBR5ym7Cqgc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/8b856a-38ae-4cfb-81d2-271a9576eae7/1/8c-C1cKrS9vrEHHyduDpxBWUdn0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/8b856a-38ae-4cfb-81d2-271a9576eae7/1/Lu7FIx0hKzEFedePxBR5ym7Cqgc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.208.64.0/20
                  77.247.232.0/21
                  92.241.0.0/19
                IPv6:
                  2a00:c9c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         03:fc:f1:d9:3e:27:2f:28:a0:fe:d5:c3:98:c9:64:78:37:9d:
         10:0f:67:9d:1c:0e:f2:78:20:25:68:3b:0a:cd:d0:3c:5d:37:
         37:bf:d7:6a:e1:52:a8:2e:b8:11:c7:5e:d2:9f:29:25:5c:d3:
         f1:a2:f2:9d:1c:41:99:db:97:69:f4:cf:f7:87:6d:33:b9:e7:
         19:26:2e:c1:a4:de:98:41:42:51:02:13:32:9b:68:e8:66:19:
         e5:98:f2:ea:6c:95:d0:cb:df:d4:f7:20:ed:10:0b:64:c4:af:
         be:dc:93:c9:70:1a:24:7f:d1:4b:b7:18:12:f1:3b:a0:f1:be:
         29:78:ad:c5:97:f5:64:e1:1f:4c:24:34:44:8a:6d:4f:c3:39:
         a6:77:05:14:07:ba:67:f0:cb:d8:93:a2:b1:29:2a:60:5c:6d:
         ed:cb:ee:e5:f0:da:4a:c8:60:79:06:d7:b0:00:40:3c:de:47:
         47:8c:3d:61:23:13:31:e1:5f:6d:d6:6f:6c:be:28:f3:93:d2:
         a2:39:0a:f9:32:24:72:06:e5:32:49:ff:fa:21:8d:9d:71:0b:
         4b:21:e3:72:2f:54:71:2f:6d:e1:b9:75:db:93:e7:b0:bb:02:
         25:28:57:4a:4e:98:c8:7c:2d:72:3b:4c:43:53:a2:a0:49:1f:
         58:77:b9:5e
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzDSV+LzQBqNhlp6mIWC26LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlZWVjNTIzMWQyMTJiMzEwNTc5ZDc4ZmM0MTQ3OWNhNmVj
MmFhMDcwHhcNMjQwMTAxMDQzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWNmODJkNWMyYWI0YmRiZWIxMDcxZjI3NmUwZTljNDE1OTQ3NjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQ/6ebbPQIinJlLWYAr7nSk/vMvi
hEXcanyLI1Uqpb8hRqrRF5GImJInFYUI+fzT4NQEbjromqABOFsvHX4zSUVfcdhT
aQAoUor7oF8uToHf+NHS4UYElI3hujTbmGgl63Tlx5G11vhFzZ0bZapi0mHBAgdS
nSrmL9rG1z7D6MwIpHeazgHqGFm/9UMTyukT5caoENjsHNLE72f/CzPsuoH59jPF
7Tx+0HPYH7Dl46jUOs0wv9q2Py8wcbh8N2TDAM/ARVARNk6q3KnowNt4qfyo6jbV
QFGaBHNs3DlnJJyAGpIrWoTyRwN+oCW+zD1U9e+zOjq5JO9OjbU2j3PWAQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPHPgtXCq0vb6xBx8nbg6cQVlHZ9MB8GA1UdIwQY
MBaAFC7uxSMdISsxBXnXj8QUecpuwqoHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHU3Rkl4MGhLekVGZWRlUHhCUjV5bTdDcWdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84Yjg1NmEtMzhhZS00Y2ZiLTgxZDIt
MjcxYTk1NzZlYWU3LzEvOGMtQzFjS3JTOXZyRUhIeWR1RHB4QldVZG4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84Yjg1NmEtMzhhZS00Y2ZiLTgxZDItMjcxYTk1NzZlYWU3
LzEvTHU3Rkl4MGhLekVGZWRlUHhCUjV5bTdDcWdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEJdBAAwQD
TffoAwQFXPEAMA0EAgACMAcDBQAqAMnAMA0GCSqGSIb3DQEBCwUAA4IBAQAD/PHZ
PicvKKD+1cOYyWR4N50QD2edHA7yeCAlaDsKzdA8XTc3v9dq4VKoLrgRx17Snykl
XNPxovKdHEGZ25dp9M/3h20zuecZJi7BpN6YQUJRAhMym2joZhnlmPLqbJXQy9/U
9yDtEAtkxK++3JPJcBokf9FLtxgS8Tug8b4peK3Fl/Vk4R9MJDREim1PwzmmdwUU
B7pn8MvYk6KxKSpgXG3ty+7l8NpKyGB5BtewAEA83kdHjD1hIxMx4V9t1m9svijz
k9KiOQr5MiRyBuUySf/6IY2dcQtLIeNyL1RxL23huXXbk+ewuwIlKFdKTpjIfC1y
O0xDU6KgSR9Yd7le
-----END CERTIFICATE-----
Generated at Wed Jul 24 12:45:20 2024 by rpki-client on console-ams.rpki-client.org